RylodRylod
Your Privacy Matters

Privacy Policy

Last Updated: March 4, 2026

Rylod ("we", "our", "us") operates a technology platform that enables users to book parcel delivery and transportation services, including bike, e-bike, auto, car, and truck services (collectively, the "Services").

This Privacy Policy explains how we collect, use, store, share, and protect personal information when you access or use our mobile applications, website, and related services (the "Platform").

By using Rylod, you agree to the practices described in this Privacy Policy. This Policy is published in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, and applicable rules thereunder.

1. Applicability

This Privacy Policy applies to:

  • Customers booking rides or parcel deliveries
  • Drivers and delivery partners
  • Fleet owners and vendors
  • Website visitors and administrative users

2. Eligibility (Age Restriction)

Rylod services are strictly available only to users who are 18 years of age or older.

  • Users below 18 years of age are not permitted to register, access, or use the Platform.
  • Rylod does not knowingly collect personal data from individuals under 18.
  • Any account identified as belonging to a user below 18 may be blocked or deleted.

3. Legal Basis for Processing

We process your personal data on the following legal grounds under the Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable Indian law:

  • Consent: By registering and using the Platform, you provide consent to the collection and processing of your data as described in this Policy.
  • Contractual Necessity: Processing required to fulfil our obligations under the terms of service, including ride bookings, deliveries, and payments.
  • Legitimate Interest: Processing necessary for fraud prevention, safety, platform improvement, and dispute resolution.
  • Legal Obligation: Processing required to comply with applicable laws, regulations, court orders, or government directives.

4. Information We Collect

A. Personal Information

  • Name
  • Mobile number
  • Email address (if provided)
  • Profile photograph
  • Date of birth (for age verification)
  • Government-issued identification documents (where applicable for drivers or vendors)

B. Booking & Parcel Information

  • Pickup and drop locations
  • Parcel details (type, weight, dimensions)
  • Trip date, time, service type, and booking history
  • Fare and invoice details

C. Vehicle Information

  • Vehicle type (bike, e-bike, auto, car, truck)
  • Vehicle registration number (where applicable)
  • Brand and variant
  • Vehicle images
  • Insurance, permits, and compliance documents (where required by law)

D. Location Information

  • Real-time GPS location during active bookings
  • Background location data during trips for tracking, safety, fraud prevention, and dispute resolution
  • Route details, distance travelled, and trip duration
Location access is essential to provide core services and ensure operational accuracy.

E. Payment & Transaction Information

  • Transaction identifiers
  • Payment status and timestamps
  • Payment method used (cash, UPI, wallet, etc.)
Rylod does not store card numbers, bank account details, or UPI credentials. Payments are processed through authorized third-party payment gateways compliant with PCI-DSS standards.

F. Usage & Technical Information

  • Device type, model, and operating system
  • App version and usage logs
  • IP address and network information
  • Crash reports and diagnostics
  • Browser type and language preferences (for website visitors)

G. Communications Data

  • In-app chat messages between customers and drivers
  • Customer support conversations and feedback
  • Ratings and reviews provided on the Platform
Communications may be monitored for quality assurance, safety, and dispute resolution purposes.

5. Cookies & Tracking Technologies

Our website and applications may use cookies and similar tracking technologies to enhance user experience and analyse usage patterns.

Types of Cookies Used

  • Essential Cookies: Required for core functionality such as authentication and security.
  • Analytics Cookies: Help us understand how users interact with the Platform to improve performance.
  • Preference Cookies: Store user preferences such as language and theme settings.

Third-Party Analytics

  • We may use third-party analytics services (such as Google Analytics, Firebase Analytics) to collect and analyse usage data.
  • These services may use cookies or similar identifiers to track interactions across sessions.
You can manage cookie preferences through your browser or device settings. Disabling cookies may affect certain features of the Platform.

6. Third-Party Services & SDKs

Rylod integrates third-party services and software development kits (SDKs) to provide core functionality. These third parties may collect and process data in accordance with their own privacy policies:

  • Google Maps / Maps SDK: For location services, route mapping, and geocoding
  • Firebase: For push notifications, analytics, crash reporting, and authentication
  • Payment Gateways (e.g., Razorpay): For secure payment processing
  • SMS & Communication Services: For OTP verification and transactional notifications
  • Cloud Infrastructure (e.g., AWS, Google Cloud): For secure data storage and processing
We ensure that third-party service providers are bound by appropriate data processing agreements and comply with applicable data protection standards.

7. How We Use Information

We use collected information to:

  • Enable and manage bookings and deliveries
  • Match customers with drivers and vehicles
  • Track trips and calculate fares
  • Process payments and generate invoices
  • Improve safety, trust, and fraud detection
  • Provide customer support and resolve disputes
  • Send transactional notifications (booking confirmations, trip updates, payment receipts)
  • Send promotional communications (with your consent, and with opt-out available)
  • Improve platform functionality, performance, and user experience
  • Conduct internal research and analytics
  • Comply with applicable laws and regulations

8. App Permissions

Rylod may request the following permissions:

  • Location (foreground and background)
  • Camera (document and image uploads)
  • Storage (documents and images)
  • Notifications (booking and trip updates)
  • Phone (OTP-based authentication)
You may manage permissions through device settings. Certain services may not function correctly without required permissions.

9. Data Sharing & Disclosure

We may share information:

  • Between customers and drivers for a booking (limited to name, photo, vehicle details, and real-time location)
  • With fleet owners or vendors for service fulfilment
  • With service providers (maps, payment gateways, SMS, cloud infrastructure)
  • With government authorities or law enforcement when legally required or in response to valid legal process
  • With professional advisors (lawyers, auditors) as necessary for business operations
  • In connection with a merger, acquisition, or sale of assets (with prior notice to users)
We do not sell, rent, or trade personal data to third parties for marketing purposes.

10. Cross-Border Data Transfers

Your personal data is primarily stored and processed in India. However, some of our third-party service providers may store or process data in servers located outside India.

  • Any cross-border data transfer is conducted in compliance with the DPDP Act, 2023 and applicable regulations.
  • We ensure appropriate safeguards are in place, including data processing agreements with third-party providers.
  • Data will not be transferred to jurisdictions that have been restricted by the Central Government of India under the DPDP Act.

11. Data Security & Encryption

Rylod implements reasonable technical and organizational safeguards to protect personal data:

  • Industry-standard encryption (TLS/SSL) for data in transit
  • Encryption at rest for sensitive personal data
  • Access controls with role-based permissions on a need-to-know basis
  • Regular security audits and vulnerability assessments
  • Incident response procedures for data breaches
In the event of a data breach that poses a risk to your rights, we will notify affected users and the relevant authorities as required by law. No system is completely secure, and we cannot guarantee absolute security.

12. Data Retention

We retain personal information:

  • While your account remains active
  • For a reasonable period after account deletion to comply with legal obligations, resolve disputes, and enforce agreements
  • Trip and transaction records: Retained for a minimum of 8 years as required under applicable tax and financial regulations
  • Communication logs: Retained for up to 180 days after trip completion for dispute resolution
  • As otherwise required under applicable laws
Upon account deletion, personal data will be anonymized or deleted within 90 days, except where retention is required by law.

13. User Rights

Under the DPDP Act, 2023 and applicable law, you have the right to:

  • Access: Request a summary of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Erasure: Request deletion of your personal data (subject to legal retention requirements).
  • Withdraw Consent: Withdraw your consent for data processing at any time. Withdrawal of consent may affect your ability to use certain services.
  • Nominate: Nominate another individual to exercise your data rights in the event of your death or incapacity, as provided under the DPDP Act.
  • Grievance: Lodge a complaint with the Data Protection Board of India if you believe your rights have been violated.
To exercise your rights, contact us through in-app support or email. We may verify your identity via OTP or in-app verification before processing requests. Requests will be processed within 30 days.

14. Compliance with Indian Law

This Privacy Policy is governed by and compliant with the following Indian laws and regulations:

  • Digital Personal Data Protection Act, 2023 (DPDP Act)
  • Information Technology Act, 2000 and IT Rules
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Motor Vehicle Aggregator Guidelines, 2020 (as applicable)
  • Consumer Protection Act, 2019
  • Indian Contract Act, 1872

15. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

Material changes will be communicated through in-app notifications and/or email.

The "Last Updated" date at the top of this page indicates the most recent revision.

Continued use of the Platform after changes are posted indicates acceptance of the updated policy. If you do not agree with the changes, you should discontinue use of the Platform.

16. Grievance Redressal

In accordance with the DPDP Act, 2023 and IT Act, 2000, Rylod has appointed a Grievance Officer to address concerns related to personal data:

  • Contact: In-app support or email at support@rylod.com
  • Response Time: Acknowledgement within 48 hours; resolution within 30 days
  • Escalation: If unsatisfied with the resolution, you may file a complaint with the Data Protection Board of India

17. Contact & Support

For questions or concerns regarding this Privacy Policy, users may contact Rylod through:

  • In-app support
  • Email: support@rylod.com
  • Registered office: Abitz Technologies Private Limited, 1st Floor, Raheja Arcade, Unit 131 & 132, Koramangala Industrial Layout, Koramangala, Bengaluru, Karnataka 560095

Questions or Concerns?

If you have any questions or concerns about our privacy practices, please don't hesitate to reach out.

Email: support@rylod.com

Address: Abitz Technologies Private Limited, 1st Floor, Raheja Arcade, Unit 131 & 132, Koramangala Industrial Layout, Koramangala, Bengaluru, Karnataka 560095